Firm Lists Top Tricks Used by Spear Phishers

Firm Lists Top Tricks Used by Spear Phishers

Article excerpt

Early on, cybercriminals discovered that e-mail is a great avenue for spare and mass-distributed malware. It still is, according to a recent report from FireEye, a provider of threat protection for web and e-mail.

FireEye's "Advance Threat Report 1H 2012" recorded a 56% increase in malicious e-mails getting past organizations' security defenses between the first and second quarters of 2012.

Cybercriminals use certain common words in file names that trick large number of unsuspecting recipients to download or install files containing malware to their local drives. According to FireEye's 'Top Words Used in Spear Phishing Attacks to Successfully Compromise Enterprise Networks and Steal Data," the top five draws in the first half of 2012 were "dhl," "notification," "delivery," "express," and "2012."

Interestingly, with only a couple of exceptions, the first half of 2012's list of the top 20 words is completely different from those deemed successful in the second half of 2011. The percentage of attachments containing those words is also significantly higher. …